That was my mistake :sad:
I should have doublechecked my regfix.... However, good to hear you got it sorted.. Sorry for the way it went. My bad.
Here's some tips for future to prevent spyware:...
Type: Posts; User: Rawe; Keyword(s):
That was my mistake :sad:
I should have doublechecked my regfix.... However, good to hear you got it sorted.. Sorry for the way it went. My bad.
Here's some tips for future to prevent spyware:...
Open notepad and copy/paste the text in the quotebox into it
Save it as CFScript.txt on your desktop.
http://users.pandora.be/bluepatchy/miekiemoes/images/CFScript.gif
Referring to the...
Hello and welcome aboard :)
While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things.
Please disable TeaTimer for now...
Nope you can go ahead and delete VundoFix/Combofix/HijackThis along with all the backups. :)
Please read here how to clear old restore points and create a new one.
Stand Up and Be Counted --->...
Updating Java and Clearing Cache
Go to Start > Control Panel double-click on the Software icon > Add/Remove Programs.
Search in the list for ALL previous installed versions of Java. (J2SE Runtime...
Hi again :)
Open notepad and copy/paste the text in the quotebox below into it:
Save this as ComboFix-Do.txt
http://img.photobucket.com/albums/v666/sUBs/Combo-Do.gif
Hi again :)
Run a scan with HijackThis and check the following object for removal:
O2 - BHO: (no name) - {F2611F46-D1DB-4294-9BFD-778A5C6F4779} - C:\WINDOWS\system32\vtstu.dll (file missing)
...
Hello and welcome aboard! :)
Please download VundoFix.exe to your desktop.
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove...
Great to hear. :)
Please do read TonyKlein's article: So how did I get infected in the first place?
Delete this folder if found:
c:\program files\MyWay
Empty recycle bin. Looks good :) Hows things running right now?
Sorry for the delays :sad:
This is looking much, much better. Let me know if you're still in need of help..... Been busy.
Once more, OTMoveIt....
Please double-click OTMoveIt.exe to run it....
Go ahead and uninstall AVG Anti-Spyware and delete ComboScan.. Aswell as Combofix. :)
Hows the system running at the moment? Having any issues??
Check & fix the following object in HijackThis:...
Sorry for the delay...
Please go to -> Start -> Run and paste in: sc delete "Client IP-IPX"
Click OK.
Then..
Please double-click OTMoveIt.exe to run it.
Copy the file paths below to the...
Run a scan with HijackThis and check the following objects for removal:
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [MSN Explorer]...
Not clean yet. :)
I would like to see that Combolog... But in the meantime, lets run another scanner.
Please print these instructions out, or write them down, as you can't read them during the...
Hello and welcome aboard :)
First things first, open notepad and make sure Format -> WordWrap is unchecked. Makes the log hard to read.
Then,
Please download Combofix to your desktop:
...
Looks good :bigthumb:
Please read here how to clear old restore points and create a new one.
Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!
The site...
Uninstall the following entry if found under Add/Remove Programs list:
MovieBox
Now, please delete the following folder and file if found (if you are unable to delete them, please try again in...
Hows the system running right now? :)
Please go HERE to run Panda's ActiveScan
Once you are on the Panda site click the Scan your PC button
A new window will open...click the Check Now button...
Again, please print the instructions or save them to a notepad file for easier reference.
Please reboot into Safe Mode, navigate to and delete these files once in Safe Mode (if present):
...
Hi again :)
Please run a scan with HijackThis and check the following objects for removal:
O4 - HKLM\..\Run: [iut75] c:\windows\system32\drivers\uzcx.exe
O4 - HKLM\..\Run: [VaCtrls] v7
O4 -...
Please print these instructions out, or write them down, as you can't read them during the fix.
1. Please download The Avenger by Swandog46 to your Desktop.
Click on Avenger.zip to open the file...
Hi, lets continue :)
You can go ahead and delete SDFix; we might still need ComboFix though.
Please download AVG Anti-Spyware and save that file to your desktop.
This is a 30 day trial of the...
Hello and welcome aboard :)
Nicely infected,, lets get started
Please print these instructions out, or save them to a notepad file, as you can't read them during the fix.
A malicious .DLL...
Let me know about your issues, have you taken a look at zonealarm?
Java site is up. It does seem your logs are clean of malware. :)
Also those issues might well be because of your ZoneAlarm if it is version 7.
For example, you can read the user reviews here.
...
Well your earlier malware infestation might have conflicted with ZoneAlarm, you should really try uninstalling then reinstalling it and see if the problem still continues. Or maybe ZoneAlarm has a...
Please navigate to, and delete the following file:
C:\WINDOWS\uccspecb.sys
Empty recycle bin.
------
Please go to UploadMalware to upload some files for for analysis..
Enter your...
Well, I don't see any definate baddies there anymore.
Lets see the following.....
Surf here: http://virustotal.com
In the blank field next to the "Browse" button, paste the following...
Have you tried uninstalling then reinstalling ZoneAlarm at any point?
The malware infection you had might have done something to it.
I need some more logs :)
Open HiJackThis
Click on the...
Lets check another very helpful log for analysing....
Please download ComboScan to your desktop.
Close all applications and windows.
Double-click on comboscan.exe to run it -- follow the...
Anything new on this? :)
Please run a scan with HijackThis and check the following objects for removal:
O2 - BHO: (no name) - {29AFBA10-AB2A-449F-B153-1797FA4D9539} - C:\WINDOWS\system32\jkhfc.dll (file missing)
O2 -...
Ok could you please post a fresh HijackThis log then :)
I'm thinking about this now.... Your Wireless Zero Configuration service is dependent on this service aswell, so you need it. Have you installed all your drivers and stuff for your Wireless?
I...
Won't require any internet connections because you are doing the scans in Safe Mode where IS no connection available. You also don't need to disable anything. Simply go through all the instructions I...
The same steps w/ images: http://www.ifelix.co.uk/tech/2007.html
You might also want to check if this is of any help.... http://support.microsoft.com/kb/313242
What do you mean? When you try to start Wireless Zero Configuration service, what does it say? Does it give you the same error as earlier?
What about the Remote Procedure Call? Is it active or stopped? If so, did you Start it?
Did you try activating (starting and setting startup type to automatic) the Wireless Zero Configuration...
Ok lets see the following then...
Click Start -> Run and type in: services.msc
Click "OK".
In the services window find service: NDIS Usermode I/O Protocol
Right-click and choose...
Good! I mean, it's good we got everything else working ok :)
Next we are going to check on that internet issue.
Please go to Start -> Run and type in: Services.msc
Click "OK".
In the...
That means you don't have the registry key you need, so we are going to add that. Then you can get to Safe Mode again :)
Download the attached Safeboot.zip file, unzip it to your desktop,...
Hi again, :)
Please go to Start » Run » type in: regedit » OK.
On the leftside, click to highlight My Computer at the top.
Go up to File » Export
Make sure in that window there...
Btw, didn't notice this one yet,
please delete this file:
C:\Program Files\Internet Explorer\podosipil.html
Empty recycle bin.
----
When did you notice these problems? Before posting your log or after?
Also, what does your Windows say when you try to open up in Safe Mode (have you tried using msconfig's /safeboot option...
Hello and welcome :)
Lets get started.
Please print these instructions out, or write them down, as you can't read them during the fix.
Please download AVG Anti-Spyware and save that file to...
Please print these instructions out, or write them down, as you can't read them during the fix.
Please copy the following text in the quotebox below to a blank Notepad file. Make sure the filetype...
Yes, please delete all those files.
Then, please download WinPFind2 by OldTimer to your desktop.
Double-click WinPFind2.exe to extract it.
Open up the new folder on your desktop and...
Have you archived all those four files now? I mean, are they in their original locations? If not, simply delete that archive. I don't think they are clean files.
You can also check the current...
I'm losing my mind with these subscription issues. Sorry for the delay.
I'll check them out right away and see if anyone has checked them as of yet. :)